CVE-2008-0015

07.07.2009, 23:30

Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:C/I:C/A:C
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 99%

Vendor	Product	Version
microsoft	windows_2003_server	-
microsoft	windows_2003_server	-
microsoft	windows_2003_server	-
microsoft	windows_xp	*
microsoft	windows_xp	-
microsoft	windows_xp	-

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx

http://isc.sans.org/diary.html?storyid=6733

http://osvdb.org/55651

http://secunia.com/advisories/36187

http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799

http://www.iss.net/threats/329.html

http://www.kb.cert.org/vuls/id/180513

http://www.microsoft.com/technet/security/advisory/972890.mspx

http://www.securityfocus.com/bid/35558

http://www.securityfocus.com/bid/35585

http://www.securitytracker.com/id?1022514

http://www.us-cert.gov/cas/techalerts/TA09-187A.html

http://www.us-cert.gov/cas/techalerts/TA09-195A.html

http://www.us-cert.gov/cas/techalerts/TA09-223A.html

http://www.vupen.com/english/advisories/2009/2232

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436

http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx

http://isc.sans.org/diary.html?storyid=6733

http://osvdb.org/55651

http://secunia.com/advisories/36187

http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799

http://www.iss.net/threats/329.html

http://www.kb.cert.org/vuls/id/180513

http://www.microsoft.com/technet/security/advisory/972890.mspx

http://www.securityfocus.com/bid/35558

http://www.securityfocus.com/bid/35585

http://www.securitytracker.com/id?1022514

http://www.us-cert.gov/cas/techalerts/TA09-187A.html

http://www.us-cert.gov/cas/techalerts/TA09-195A.html

http://www.us-cert.gov/cas/techalerts/TA09-223A.html

http://www.vupen.com/english/advisories/2009/2232

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436